Hi,
now that the entryCSN and entryUUID schema elements and index has been
added in the server, I would like to extend the configuration to be able
to inject the consumer part of the syncrepl protocol we have in a branch
(replication).
Here are the minimal configuration elements we have to add :
- replica ID : the server ID. It's a DirectoryService parameter.
- providers : a LdapURL. It's used to define the server we will be
connected to plus the search parameters. We may have more than one provider.
- type : refreshOnly or refreshAndPersist
- bindDn : the DN to use to do the search
- bindMethod : the bind method (simple or sasl)
- credentials : the credentials used to authentify the user
- saslMechanism : the list of SASL mechanism to use (if a SASL boind is
requested)
Atm, I didn't add the TLS parameters. It would be interesting to avoid
adding a password in the configuration file, to use a certificate instead.
This should be enough to implement the replication configuration, not
only for the consumer part of the protocol.
FYI, I think that using a LDAPURL instead of many parameters (baseDN,
filter, scope, attrs) is probably better. We could also inject some of
the other potential parameters (sizeLimit, timeLimit) as extensions in
the LdapUrl.
I will try to come with a configuration sample very soon.
thoughts ?
PS : I haven't implemented anything atm.
--
--
cordialement, regards,
Emmanuel Lécharny
www.iktek.com
directory.apache.org
